[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fzG6aHqZhYi4xDVU25m7WvTThOlVDQjFUwNjz08te0xo":3,"$fC_L8VLpfY41mG8YFbUfQ0oPl3W7K3YO-PRWMyRHBc1o":119,"$f6u4Qiaptz0acrDCKuqViY9mH-0J6NWVuvPlRMI26byA":124},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":14,"last_updated":15,"tested_up_to":16,"requires_at_least":17,"requires_php":18,"tags":19,"homepage":24,"download_link":25,"security_score":26,"vuln_count":27,"unpatched_count":27,"last_vuln_date":28,"fetched_at":29,"discovery_status":30,"vulnerabilities":31,"developer":32,"crawl_stats":28,"alternatives":40,"analysis":41,"fingerprints":100},"post-announcement","Post Announcement","1.0","M A Vinoth Kumar","https:\u002F\u002Fprofiles.wordpress.org\u002Fvinoth06\u002F","\u003Cp>Through this plugin, user can able to show the announcement or notice to users based on each post.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Author can able to show the announcement or notification about that post under the each post.\u003C\u002Fli>\n\u003Cli>Notification post will be scrolled and stopped on mouse hover.\u003C\u002Fli>\n\u003Cli>Admin can able to select the background and font color of notification in dash board.\u003C\u002Fli>\n\u003Cli>Customize title can be set for Announcement.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>For more information : http:\u002F\u002Fbuffercode.com\u002Fwordpress-post-announcement-plugin\u002F\u003C\u002Fp>\n","Through this plugin, user can able to show the announcement or notice to users based on each post.",10,1809,100,1,"2013-12-31T04:29:00.000Z","3.7.41","3.3","",[20,21,22,4,23],"announcement-post","notification-post","notify-post","post-based-notification","http:\u002F\u002Fbuffercode.com\u002Fwordpress-post-announcement-plugin\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fpost-announcement.1.0.zip",85,0,null,"2026-04-06T09:54:40.288Z","no_bundle",[],{"slug":33,"display_name":7,"profile_url":8,"plugin_count":34,"total_installs":35,"avg_security_score":36,"avg_patch_time_days":37,"trust_score":38,"computed_at":39},"vinoth06",21,3670,84,462,68,"2026-05-19T23:10:19.776Z",[],{"attackSurface":42,"codeSignals":75,"taintFlows":92,"riskAssessment":93,"analyzedAt":99},{"hooks":43,"ajaxHandlers":71,"restRoutes":72,"shortcodes":73,"cronEvents":74,"entryPointCount":27,"unprotectedCount":27},[44,50,54,58,62,66],{"type":45,"name":46,"callback":47,"file":48,"line":49},"action","admin_menu","buffercode_post_announcement_menu","post-announcement-menu.php",6,{"type":45,"name":51,"callback":52,"file":48,"line":53},"admin_init","buffercode_post_announcement_register_settings",13,{"type":45,"name":51,"callback":55,"priority":14,"file":56,"line":57},"buffercode_post_announcement","post-announcement.php",25,{"type":45,"name":59,"callback":60,"file":56,"line":61},"add_meta_boxes","buffercode_post_announcement_mode",41,{"type":45,"name":63,"callback":64,"file":56,"line":65},"save_post","buffercode_post_announcement_save",107,{"type":67,"name":68,"callback":69,"file":56,"line":70},"filter","the_content","buffercode_post_announcement_display_logic",121,[],[],[],[],{"dangerousFunctions":76,"sqlUsage":77,"outputEscaping":79,"fileOperations":27,"externalRequests":27,"nonceChecks":14,"capabilityChecks":90,"bundledLibraries":91},[],{"prepared":27,"raw":27,"locations":78},[],{"escaped":14,"rawEcho":80,"locations":81},4,[82,85,86,88],{"file":48,"line":83,"context":84},36,"raw output",{"file":48,"line":61,"context":84},{"file":48,"line":87,"context":84},46,{"file":56,"line":89,"context":84},53,2,[],[],{"summary":94,"deductions":95},"The 'post-announcement' v1.0 plugin exhibits a generally strong security posture based on the provided static analysis.  A significant strength is the complete absence of identified dangerous functions, raw SQL queries, file operations, and external HTTP requests, all of which are common vectors for vulnerabilities. The presence of nonce and capability checks, even with a limited number of entry points, is a positive indicator of an attempt to implement security controls.  Furthermore, the lack of any recorded vulnerabilities in its history suggests a history of stable and secure development.\n\nHowever, a notable area of concern is the output escaping. With 5 total outputs and only 20% properly escaped, there's a significant risk of cross-site scripting (XSS) vulnerabilities. Any user-supplied data that is displayed to other users without proper sanitization can be exploited. While the taint analysis shows no flows, this is likely due to the limited attack surface and the analysis not finding any exploitable paths. The absence of a larger attack surface is a positive, but the insufficient output escaping presents a clear and present danger that needs immediate attention.\n\nIn conclusion, the plugin has several strong security foundations, particularly in its handling of database interactions and external communications. The absence of historical vulnerabilities is a good sign. The critical weakness lies in the insufficient output escaping, which introduces a substantial risk of XSS. Addressing this specific issue should be the top priority to improve the plugin's overall security.",[96],{"reason":97,"points":98},"Insufficient output escaping",8,"2026-03-17T01:19:00.446Z",{"wat":101,"direct":107},{"assetPaths":102,"generatorPatterns":103,"scriptPaths":104,"versionParams":106},[],[],[105],"\u002Fwp-content\u002Fplugins\u002Fpost-announcement\u002Fjs\u002Fjscolor.js",[],{"cssClasses":108,"htmlComments":109,"htmlAttributes":111,"restEndpoints":114,"jsGlobals":115,"shortcodeOutput":116},[],[110],"\u003C!-- Buffercode.com Post Announcement -->",[112,113],"name=\"buffercode_post_announcement_summary\"","name=\"buffercode_post_announcement_mode_nonce\"",[],[],[117,118],"\u003Ctextarea placeholder=\"Make your Announcement Here..\" name=\"buffercode_post_announcement_summary\" rows=\"5\" cols=\"82\">","\u003Cmarquee behavior=\"scroll\" direction=\"left\" onmouseover=\"this.stop();\" onmouseout=\"this.start();\">",{"error":120,"url":121,"statusCode":122,"statusMessage":123,"message":123},true,"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fpost-announcement\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":14,"versions":125},[126],{"version":6,"download_url":25,"svn_tag_url":127,"released_at":28,"has_diff":128,"diff_files_changed":129,"diff_lines":28,"trac_diff_url":28,"vulnerabilities":130,"is_current":120},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fpost-announcement\u002Ftags\u002F1.0\u002F",false,[],[]]